Tuesday, May 31, 2011

Are the friends that appear on the left of my Facebook profile my stalkers?

 A rumor has been going around recently that the friends that appear on the left of your Facebook are your profile stalkers. In fact the rumor has been quickly spreading on question and answer sites. In fact some people have been answering that information is true, others have been saying go onto Facebook and look up profile stalkers and it will tell you (something you should NOT do), and others are giving the correct information that is is false.

  Now a quick look on Facebook would tell you how that list is populated. If you see people looking up answers to this question inform them of the blog post or send them to that Facebook link. Warn them that looking up apps that tell you will lead you no where because all the apps are fake. It's sad to see so many people think they are real and are telling others about them.

Mac Malware: Now on Facebook

 Windows Malware has spread through Facebook before, however now its Mac Malware spreading through Facebook. Now Mac Malware has really picked up over the past few weeks. First we had the big outbreak of a Mac Fake, then it got updates so it did not need an admin password, now its spreading on Facebook. Its been very active in the Mac Computer Security world recently.

The FakeAV only launches if you go to the site on a Apple Mac machine. Once again its a MacDefender slike FakeAV so try avoid clicking on suspicious looking links on your Facebook. Also if you own a Mac now would be a good time to go install some computer security software on. Yes it may be a Mac but it is not immune to malware, that has been proven a lot recently in the past few weeks.

 If you have already clicked on the link do not buy the software it offers, it is a scam and should be avoided.

IGL-Security Guide: System Monitoring

 System Monitoring can be used for computer security or just day to day use of your machine. I keep a lot of System Monitoring tools handy so I thought I would share some with you in my guide series I have been working on. So here are my recommendations for System Monitoring tools:

 Winpatrol

 Winpatrol is a simple to use app that is still very good. Winpatrol "patrols" your machine and then alerts you to new startup programs, services, addons, and a lot of other important areas in your machine. The free version of this product will check your machine every once in a while but the Pro version is constantly running in the background guarding your machine. I highly recommend this app, its great for everyone techie or not.

 Process Explorer

  Although the Task Manger built into Windows is usable it does not have a lot of extras. That is where Process Explorer comes in, I will be honest this is a very powerful task manger. If you want to take a deep look into whats running on your machine Process Explore would be a good tool to use.

ThreatFire

 Now ThreatFire is a little more advance however that does not mean its un-usable. Instead of TF warning you on every action ThreatFire watches the behavior of a file and then warns you when a file is preforming Malware Like Behavior. This really helps cut down on alerts you would you with a program that would warn on every change.

  MJ Registry Watcher

 The Registry plays an important part in the Windows OS. So it simply makes sense Malware will try to edit the registry to cause damage. This is where MJ Registry Watcher comes it, it can warn you of changes when they attempt to happen so you can know what malware is doing and stop it. 
 

Monday, May 30, 2011

Elmo says "Use a Strong Password" (PBS Hacked)

 So PBS.org has been hacked and reports are still coming out about this incident. It seems a episode of Frontline about Wikileaks angered the hackers which is what caused the incident. This just goes to show that any place could be a target on hack attacks. However a point I'd like to come comes from a quote from The Naked Security blog:

 While PBS is the victim here, the passwords disclosed for most affiliates are embarrassingly predictable. 

 Now it is a big deal that PBS was hacked, however I think stronger passwords should have been required/urged. PBS is a pretty large network and I think something should have been in place. I am pretty sure Elmo would have said "to use a strong password online" and The count would have said "using the number of the day along with the letter of the day is not a good idea". Now I know the PBS passwords were probably not like that but since Sesame Street is one of PBS most well known programs I thought I would throw in some references to them. 


 Now for some tips on making a strong password:
 
  1.  Use a combo of letters in numbers. Uppercase and lower case letters. A good mix of numbers
  2.  Don't be predictable. Making your Password be Password or going somethingIlike123 may be to predictable.
  3.  Don't be personal. Using your dog's name, your cat's name, or anything person would make it easy for hackers to predict your password. Try to stay away from personal things.

Profile Spy Spam Wave going through Facebook

 Another large wave of "Who viewed your profile spam" seems to have gone through Facebook. The apps I saw were using the following messages:

 "find out how many look at your profile?

 That message links to a site that has not been ranked by on Web of Trust. So if you are a WOT user I recommend rating it.

 Next app I saw was called "Who Looks?" on Facebook and it was spreading the following message.

 Nifty, I can not believe you can track people that view your photos. .. I just got an idea the identities are of the top 10 people checking out my photos! ..I think I may start stalking some of them back :O, lol.. You can also see WHO VIEWED YOUR PROFILE here 

Finally I saw a few fan pages being spammed out saying "find out who is viewing your profile here"

Remember no app can see who is viewing your profile so just ignore them all.

Igl-Security Guide: URL Research

  Like researching files the URLs you go to should be researched. Like file research a lot of url research tools are out there. I decided I would like to share some of my favorite of the tools to be used for URL research:

 VirusTotal

 Like in my file research guide VirusTotal is one of my most used tools when researching urls. VirusTotal allows you to enter a url and on top of doing a check against some of the most popular malware url databases it will scan the page against all of its 42 virus scanners. That is great when checking the sites to make sure they don't have exploit code or a malware dropper on the end page.

URL Void

 Url-Void is a great tool when you want to check a site against a large list of malware databases. I highly recommend it when you want to see if a new url is trustable to not.

 Web of Trust

 Want to get the reputation of a site? Want to see what others think about it? Web of Trust is a great tool for just that. WOT allows you check a sites web reputation and read comments others leave about the site and what they think of it.

Browser Defender

 Browser Defender is a great tool if you want to see how a site is ranked and how the downloads were rated.

 HpHost

 HpHost is a great tool when to check a site and see what its IP is. The HpHost database is updated often and is a great resource when you want to check out a site ranking.

Sunday, May 29, 2011

IGL-Security Guide: File Research

 Executable Files (.exe is the most common but others are out there) are everywhere and you most likely run a lot every day. However have you ever checked on what the files do before you run them? Thanks to a lot of different companies out there we can now research what each file does without the need of manually researching what changes are made. I use these tools a lot when I want to research what a malware files does, so I have had a lot of personal experience with these so I want to share my knowledge with you. Here are some of my favorite tools for file research.

 Bleeping Computer File DB:

 Bleeping Computer's FileDB is a great way to look up what a file belongs to and to see if its already ranked as safe or not. I use Bleeping Computer File DB when I see a file in my task manager using a lot of CPU and I don't know what it is. This tool allows you to look up file data without needing to upload it anywhere and it simple to use. Just enter the .EXE name and search.

 Online Armor File DB

 Just like Bleeping Computer's File DB the Online Armor File DB lets you enter an .exe name to see if its ranked OK in their database and check vendor information. Online Armors file DB (known as Online Armor System Information Service) collects its data through users of their firewall application Online Armor to gather information on how many users use it and how many users allow it. This is a great service for those that don't want to upload a file for analysis.

 Xandora

 Xandora is a free tool for file analysis from Panda Security. Uploading the file to site a like this will allow you to get a report of the files behavior and the file will be submitted to Panda Security for analysis. The tool also allows you search for reports by MD5, name, and even the IP it connects to.

  ThreatExpert

 Threat Expert from PC Tools is one of the more known file analysis tools. Using this tool it will check the files behavior, and attempt to tell you what type of malware it is comparing it what other malware has the same behavior. I normally send any files I research to Xandora and ThreatExpert because some malware attempts to kill itself if it detects a vendors research tools.

 Virustotal

 VirusTotal is really the most famous out of all the file research tools. When you upload a file to VirusTotal it will give you the detection results of over 42 different antivirus engines. It will also send the file to each of the vendors on VirusTotal to help them detect the new malware sent there. VirusTotal is a great tool if you want to check the detection results of a file before you run it. However VirusTotal uses the command line version of each scanner not the full product so don't think that because its not detected on VT its not detected by the product on a real machine. On a real machine AV's have HIPS, Behavior Blockers, and other tech that can not used on a command line version.

Saturday, May 28, 2011

Internet Security Guide: Cookies

 Cookies have been around for a while, in fact the first initial specification were put out October 13th, 1994. The browser it was made for the Netscape browser. Now I am not going to go on talking about how Cookies work so I will just share with you a site I think has a very good and simple explanation of how cookies work and what they are used for. Now cookies can make our internet browsing simple. Allowing one click access to your site, but along with the simplicity privacy issues also rise up.

 The debate on the privacy of cookies has come up for a while now. Advertiser's can collect lots of data that they can sell for money by tracking your online usage. Now a few different types of cookies exist: You have the regular HTTP cookie which is also sometimes divided up into two groups which would either be a tracking cookie or non tracking cookie. Then you have flash cookies which are harder to block then regular cookies due to the fact that when you set your browser to reject cookies that does not include flash cookies. Then you have the even harder to remove evercookie which rebuilds itself if you attempt to delete it.

 Now for some good news, if you are a Firefox, Chrome, or Safari user I know of a tool to help prevent cookies if you dislike them. Somewhere out there their is most likely a tool to help block them on IE but I have not used one personally. The tool is known as Ghostery and it has a feature that you may like. Ghostery has a feature so that when you close your internet browser it will delete all the flash and silverlight cookies. It also has a new feature that is currently in testing (its off by default) that will prevent cookies from being installed in the first place. If you are looking for a tool to prevent cookies Ghostery may be the tool you are looking for.

 Now if you would just like to Cleanup your cookies every once in a while I know of another tool that may be of good use for you. This tool is called CCleaner and it is a great tool for cleaning up cookies and other temp internet files. Please note though if you run that do not use the registry cleaner if you do not know what you are doing. You could cause major damage without knowing what you are doing.

 If you have any suggestions/tips about staying safe from cookies make sure you leave a note in our comment section with your ideas so everyone can learn from your knowledge. 

Oh my it actually works!!!........................not

 The who viewed your profile scams seem be hitting twitter once again. Here is the latest message that I have seen going through Twitter:

 OMG this actually works! see who viewed your Twitter profile: (bad link)


 The bad app name was: L00k At Wh0

 Once again they are adding a hash tag # with a popular topic to try to get people who are looking at tweets about the current trending topic. Also even though it says it actually works it does not. If you see this tweet I highly recommend you do not click it and send the person who sent it to this blog post.

 To remove go into your app settings and remove permissions for the app L00k At Wh0 so it not longer has permission to post. If you don't do that it can start back up again. Then delete all the tweets it has made, then finally change your password just to be safe. 

IGL-Security Tips/Faqs about Computer Security 2011

 Everyone has a question about computer security. So many questions are out there, and I don't have the time or knowledge about each topic to write a blog post on each one. So I have decided to come up with a list of frequently asked questions and answers about computer security. I will also be adding some tips for computer security in the guide also.

1. Do Computer Security Vendors create malware?: no

 A common question is "Do computer security vendors create malware that their products detect. I think the best way to answer this question it to look at a little article put out by Emsisoft which they have in the Emsisoft KB. It provides a great answer to the question if they do or not.

2. I don't have to renew my computer security software, it will just keep protecting me: incorrect

 With computer security software coming preinstalled on your machine sometimes people just ignore the warning that the trial and expired and keep thinking its protecting them. That is incorrect with your subscription expires it stops updating the antivirus database. This will leave you open to malware attacks and put your data at risk. When you get the warning either renew it or install a free AV software.

3. My Mac is immune to Malware: no

 The rumor that Macs are immune to malware have been going around for a while.  The however has been disproved a lot in the past few days with the Mac FakeAV's appearing over the net and infecting a lot of machines

4. My Security Product can detect all malware out there!: no

 No computer security product can detect every piece of malware out there. Take a look at some AV test, none of the apps detect 100% of malware. Its impossible with the rate that new malware is coming out. That's why I recommend that you use a layered computer security setup to help keep you safe.

 5. Any paid product is better then a free one: slightly


 It is said that "you get what you pay for" and that can or can not apply to computer security software. Yes most paid software contains extra that are not in the free version. However most free security software are also very capable software that are good at protecting your machine. You may not have the phone tech support, or that hourly software updates. However a daily security software update is better then no security software.

 6. Cloud Security Software is spying on my data: if they are a rep. company then most likely not.

 "The Cloud" has been being added to a lot of different computer security software recently. However many people fear that if it has cloud "my security software is going through my personal data". As long as you are using security software from a trust-able company I don't think you have much to worry about. What would they gain having people look through every photo? They don't have much to gain and the cost would be more then the reward.

7. Is it a good idea to turn off Windows Update?: No

 Windows update plays a key part of the Windows OS. I don't think its ever a good idea to shut off any automatic updates systems. Turning off automatic updates will leave your computer open to vulnerability's that would have been fixed in the program was updated.

 8. Privacy settings online should always be left at the defaults: not always

 Many people never take the time to look at their online privacy settings think that default is better. I highly encourage everyone to take a look at all their sites privacy settings. Its also a good idea to check into whats being shared on each site you are on.

9. You should take computer security advice from every site online: no

 This faq feels a little bit weird to be writing since I am some place online but it still must be written. You really should check into the advice your given online to make sure its true and not trust in in blindly. I have seen some bad advice on some sites and I have seen some good so always double check  what the advice is.

Friday, May 27, 2011

Who viewed your profile continue to rise

 With all the warnings, from here on IGL-Security, the Facebook security page, and computer blogs all over the net people still continue to click on who viewed your profile scams. So here is a check of the current ones spreading through the Facebook world

 hi everybody omg it's unreal now you'll get to know who viewed your Facebook page I can see my top profile visitors and im so scared that my Ex is still viewing my profile every day check it out @ (bad facebook app link)


 looks like 381 people visited my profile, says this page lol. are you stalking my page or something? lol jk

 WOAH! my profile was viewed 40 times JUST TODAY, and I can see that I have quite a few stalkers LOL! Find out yours (bad link)


 Please remember no app can tell you who is viewing your profile. If you run into one do not click on it. If you start spreading it delete all the posts it may have made, and to be safe change your password. If you friends start posting it warn them its a scam.

Thursday, May 26, 2011

Tips for computer safety: Computer Security Software

 After doing a past blog post about Browser security software time to talk about computer security software. Now you may ask why not just protect the browser and ignore the rest, the reason is the browser is not the only way malware can get into your machine. USB drives, exploits, and all other types of infection points. So here are my recommendations of software to secure your machine. All of the programs I am going to recommend are free or have a free version:

Panda Cloud Antivirus:

 Panda cloud is personally my favorite antivirus. Its light, its worked on every machine I have tried it on. It comes in to versions Free and Pro and have a very good detection rate. I highly recommend that you try it out, each new version it is getting better.

Malwarebytes

 Malwarebytes Anti-Malware is a great tool for double checking your computers security status. It has high detection rates and is overall a very good and easy to use product.

Hitman Pro

 Hitman Pro uses a couple of different scan engines to scan your PC for malware infections. Very handy in case you want to do a quick double check.

Wednesday, May 25, 2011

Facebook CEO: No Facebook for pre-teens.......yet

 A while ago I blogged about Kids under the age limit 13 being on Facebook. Now the Facebook CEO has cleared up his comment and what the meaning behind it is.

 So it seems we won't be seeing a pre-teen version of Facebook anytime soon. So once again if you are thinking of making your 12 or under a Facebook account read my past article about it. I always recommend getting into a good habit and following each sites TOS.

The Cat and Mouse Game: More Mac Malware found

 Malware fighting on Windows has been a game of cat and mouse. One security detects it and once the security update it out 3 new malware are out there infecting people. The same thing it starting out for Mac Malware, this time a new Mac FakeAV has been released and it is more dangerous then the last one.

 Today Intego has detected a new variant of the Mac FakeAV called Mac Guard. This time however it has been updated and no admin password is needed. Also it now deletes its main installer on install to hide itself. That is something Windows Malware has been doing recently.

If your have a Mac don't download this program, also if its already installed do not pay for it.

Time on Twitter Scam back

 How long have you been on twitter? I really don't know but I do know these fake apps will not tell you. While doing my search for scam/spam apps on twitter I ran into the app Time Check Me 2 R spreading the following message:

  (Trending Topic) ->I have spent 22.6 hours on Twitter! See how much you have

 (Trending Topic) --> I have spent: 35.2 hours on Twitter! See how much you have:

Remember no app can tell you how long you have been on twitter. If your account starts spreading it go into your account settings and remove the app from the list of apps allowed to access your account. If you see anyone spreading this scam make sure you send them a link to this article so they know how to remove it.

 

 

Tips for Internet Safety: The Web Browser

 The internet browser is one of the largest points of infections. With many of us daily spending hours online it has became simpler to malware writers to target popular sites to spread infections. It is a good idea to take some steps to help prevent infections on your machine from the browser so you don't have to spend time curing your machine. Here are some steps and tools I recommend to help keep your machine clean and browser safe.
------------------------------------------------------------------------------------------------


Web Browser Recommendation)

1. Firefox:

 Firefox is personally my favorite Browser. With tons of addons that can help make it more secure it is a great choice for a browser. I use it on all of my machines and it provides great speed, stability, and security .

2. Google Chrome:

 Google Chrome is another good choice for an internet browser. It has speed, security, and stability just like Firefox. It also has a good amount of addons to help make it secure.

If you prefer to stay with Internet Explorer make sure you run Windows Update and make sure you have all the latest updates for it. If you already run any other browser make sure its updated along with all its addons

----------------------------------------------------------------------------------------------------------------
 Web Browser Tools:

 Please note I am mainly a Firefox user so most of the tools will work with Firefox only. So you may have to go look for other similar tools for other browsers.

1. Web of Trust: (Firefox, Chrome, IE, Safari, and Opera)

 Web Of Trust is a great community powered site ranking tool. Web of Trust works by allowed the user to rank the site by Trustworthiness, Reliability, Privacy, and Child Safety. Web of Trust also imports the computer safety results from different vendors to block malware hosting sites. Using a tool like WOT (Web of Trust) is very simple to use. WOT also puts one of four colored circles by each of your search results, it will be either green, yellow, grey, or red. Green means the site is ranked as being OK, yellow means be careful, grey means the site is not ranked, and red means stay away. Adding this simple tool is a great way to stay safe from scams and malware sites.

2. Ghostery: (Firefox, Chrome, IE, Safari)

 Ghostery is a tracker blocker, blocking the services that track you online. Help stay safe from tracking services with the help of Ghostery. Ghostery can also block cookies however I have not tested that yet.

3. AdblockPlus (Firefox)

 Malverts are every now, almost all sites are vulnerable to them. With the amount of Malverts rising I highly recommend an adblocker. I know for sure that adblockers have prevent malverts from attempting to launch Malware on my machine.

4. ClearCloud (all)

 ClearCloud blocks malware before they even get a chance to load while possibly speeding up your net connection. ClearCloud DNS service is a great way to add protection to all your systems.
----------------------------------- ---------------------------------------------------------------------
Tips!

 1. Make sure you keep everything updated. Have outdated software on your machine allowed malware writers to take advantage of vulnerability. This especially includes software like PDF reader, Java, Flash Player and items like that.

2. Use a secure DNS server to help block malware before it loads. 

3. Research each URL before you go to it.

Tuesday, May 24, 2011

Sony Ericsson Hacked

 The Sony Ericsson Division E-Shop was hacked again according to a new report that has come out today from Sophos . This time data was stolen from the web shop and posted online on Paste bin. This time names, password hashes, and email addresses. If you have had an account of Sony's Ericsson site I recommend you go change any similar password or same passwords.

 If any other Sony sites are hacked we will keep your informed.

Osama Alive scams hit twitter

 Did CNN confirm Osama is still alive, no it is a scam. Once again scammers are using popular events to steal personal information from everyday users looking for info. Doing a quick search for the url that the scammers are running off of on WOT shows the site already has a bad rep. Doing a quick Twitter search I have found the following messages pointing to the twitter stealing scam:

  omgg osama is alive!!! cnn confirmed that he's still out there :((

 wowww CNN video proved that Osama is still living!!!

 I cant BELIEVE osama is still alive - CNN confirmed he around stillll

If you have clicked the link it entered you login information I highly recommend you go and change your Twitter password as soon as possible. It also would be a good idea to go change any passwords that are the same or similar to your twitter password. If you see this message inform the person you saw tweeting it that the link it a scam and send them to this article.  

Monday, May 23, 2011

Profile Stalkers still hitting Facebook

 I decided to once again do my daily check for scam sites and spam apps on Facebook and I did notice some interesting

 First one I saw said:

 HEY! just found an easy way to find my Profile stalkers LOL!!!!!!!!!!!!!!!!!!!!!!! >>>>>>>> copy this code into your web address bar at the top and check yours 

 Now this should set off some warning sides, its never a good idea to copy code into your browsers address bar. Gladly when you look at the code it says to enter you can see what site it will try to load. The site it attempts to load is called "Binladensdeathvideo" and a quick WOT check showing the following results for its page. Once again it is unranked. So Web Of Trusters rank that site how you wish.
  
 Next one I ran into was with the following message:


 WOAH! my profile was viewed 89 times JUST TODAY, and I can see that I have quite a few stalkers LOL! Find out yours here (bad url)


 The bad url was a short url, when then lead to a photo hosted on another site. The site the photo was hosted on was not ranked on WOT. Most likely the photo contains instructions on copying code to your browser bar that will lead to the final Facebook scam. So remember its highly recommend to never copy code into your browser bar to let it run. Running the code will eventually make your account start spreading the same message.

Sunday, May 22, 2011

Sony Unit Hacked (again)

 Another Sony hack was found out of today. According to Sunbelt / GFI Labs blog. It seems a lot of people are finding holes in Sony's security systems. We have had the PSN issues, the Phishing page, the data leaks so many security issues in a short amount of time.

 If you have used Sony BGM Greece you may have had some data stolen. I recommend if you have had your account information there to watch out for phishing scams they may come to your stolen email address. Also if you have a weak password on any of your sites I recommend you go and change them now just to be on the safe side.

  If we hear about any more Sony Data loss we will inform you.

Free Gift Card Spam hitting twitter

 Mention Spammers are hitting twitter hard at the moment for some topics. A while ago I was talking to my friend on Twitter about Starbucks and out of no where I get a @ message telling me I could get a free Starbucks gift card. I then tweeted about getting the spam message (With Starbucks in the subject) and once again got another message saying I could get a free gift card. Once again this was from another twitter account. The two messages I got said the following:

"Awesome lol, today got a gift card"

"You are on your way to claiming a Starbucks gift card!"


 Doing a quick twitter search you can use these mention spammer/bots are very popular at the moment. The bots were offering Starbucks gift cards and Itunes gift cards. However I have seen bots in the past offering all types of items for free. Doing a Web of Trust check the site is already rated red. Remember if you get a tweet out of the blue offering you something free to check into the site to make sure its legal. A large amount of the time its a scam if it sounds to good to be true. Also look into addons like Web of Trust to help you stay safe from scams like this.

Saturday, May 21, 2011

Free Subway scams...still on Facebook

 The free Subway scam continues to hit Facebook hard. However once again they have changed their message and changed urls again. This time they are either spreading with a blank message or a message saying "I love Subway". All of them continue to say: Get Your Free Subway Gift Card Now! Click for Details

 Checking the WOT the only thing it says about the url is that is was ranked by SpamCop as a Spamvertised URL. The spam seems to be hitting Facebook hard for the number of people that have posted this so far seems to continue to quickly rise. Also remember if it seems to good to be true it most likely is. If Subway were to give out free Subs it would be all over the news/

New Widgets added

 Just a blog update for y'all, we have added a Linked-IN share button to the blog for those of you who use Linked-IN. We have also added a Delicious social bookmarking button. So I hope everyone that uses these tools enjoy the ability to share knowledge here with people on those sites.

Should kids under 13 be on Facebook?

 To allow or not to allow that is the highly debated question. Should kids under 13 be allowed or should they be banned till their 13 birthday. This discussion has picked back up again after Facebook CEO Zukerberg talking about his thoughts on the subject.

 Now I have said before I do not think kids under 13 should have a Facebook. However it made me sad when I looked at some of these comments about these articles. I have seen posts like *insert thing about childs maturity here* or *my child does this* or *my child needs it because* or even *well I am friends with them so that makes everything perfect*.  Just because of any number of reasons Facebook is 13+ for a reason. The Child Online Protection Act was created for a reason.

  So if you found this article I urge you if you were thinking of creating someone under the age of 13 a Facebook profile to wait till they turn 13. Yes they most likely will not be happy about it, yes they may say well friend x has one so why can't I. However it is a good idea to set good values, just because the want it now does not mean they should be able to have it. It won't be like that for them later in life. To be honest I even did not get a Facebook to the age of 13, I got it on my 13th Birthday and I was not harmed at all because I did not have one till then.

Another Sony unit hacked

 Another report is coming out that another subsidiary of Sony was hacked. This time is was So-Net Entertainment Corp, an internet service provider owned by Sony Corp. The Report says that the hackers stole about $1,225 of virtual points. The AP has reported that the hackers were able to read the emails for 90 users. If you used So-Net (I don't know how many of my readers do) I recommend you change all your passwords just to be in the safe side.Always better to be defend then to have to cure the problem.

Friday, May 20, 2011

The Monkey Continues to Stalk Profiles

 "The Monkey with binoculars" continues to try to get people to click on profile stalker apps on Facebook. On top of using the monkey the scammers are using the Facebook "F" logo. Once again the scammers are using the following message:

 OMG! Its unbeliveable now you can get to know who views your facebook profile.. i can see my top profile visitors and i am so shocked that my EX is still creeping my profile every hour

 That seems to be the top message when it comes to the profile viewing scams. Once again I did a quick check on WOT for the site and it was not rated. However for some good news all the past scam sites I have rated have quickly been changed to red. Even cooler (for me) is some of the sites I have referenced here as being an unrated scam site have been quickly ranked and in some cased linked back to the blog here. So to all my blog readers thanks for taking the time to help cut down on spams/scams on the internet.

 If you have not tried out WOT I recommend that you check it out, it comes in handy a lot of times when I want to research a url. Also make sure you watch out for these Facebook scams that keep growing, and remember no app can see who viewed your profile.

More Bad news for Sony

 Well I thought my next blog post about Sony would have been about the Sony PSN but sadly it is not. This time F-Secure is reporting they found a phishing site running off a Sony server/site. So this means once again they were hacked. It was not reported all long this has been running or how many people have clicked on it so far but again bad news for Sony.

 Hopefully Sony is going through right now and checking all their sites they run to make sure they are updated and not hosting any unwanted things. Also for all you webmasters out there I recommend you take the time now to make sure your site and update and secure. That includes all your addons and extensions, and platforms you may have added to your site.

Thursday, May 19, 2011

Free Subway Scam back?

 It seems the get free subway scam is back on Facebook. I have seen a large amount of activity from is and here is what I have found so far.

 It starts with a Facebook message saying "get a free meal hurry!"" with a photo of a Subway Sub. The link leads to to a blog called hxxp://mealthedeal. blogspot. com  Now this site is just the first stop of where it will lead you to. After this it redirects you to a site titled HXXP://subwayspecial . blogspot .com which seems to be the place the scam is taking place. The place will attempt to get you to take a survey and post it to your Facebook feed. For some good news the eventual site which it will take you is rated red on WOT. However the first site that would be checked by Facebook via the WOT database is rated green. So it is being allowed to spread via Facebook.

So remember if it seems to be too good too be true it most likely is. If this was a true deal you would most likely be hearing about it all over. Plus it most likely would be hosted on a Subway website not off some blogspot site. If you see anybody posting about this make sure you warn them about it and point them to this blog post.

Wednesday, May 18, 2011

PSN Update (5/18/11): Its down again

 Well after the good news of the Sony PSN finally coming back online a few days ago I got some bad news about the PSN to report. This time a report is coming out saying a vulnerability has been found in the password reset system allowing the previous hackers to possibly use the information from the database they may have stole to reset passwords forcing users to lose their account.=. So far nothing has been posted on the PlayStation blog about what has happened and when it will be back.

 According to the report the PSN login page has been taken down but I do not have a PlayStation to confirm that it is down. If you have a PSN account and did not change your passwords for accounts you had in the PSN last time I would recommend going and doing that now.

 IGL-Security will keep you updated when more information is out.

Mac FakeAVs continue to bother Mac users

 FakeAV's have been bothering Windows users for a while now, and they continue to get worse. By worse and mean harder and harder to remove. I remember a while ago when I saw my first fakeav. If I remember correctly it was Winfixer. It was a very simple FakeAV program compared to today's and was easy to prevent by just closing your open browser. Today fakeavs are installed through exploits, drive by downloaders, trojan downloaders, and all types of different ways. Today they even lock you out of your Windows, disable important services, and even encrypt your hard drive to prevent you from getting in without paying.

 Now FakeAVs are starting to pick up on Mac machines. How bad you may ask? Take a look at this interview with an AppleCare support talk about how calls have picked up with people asking how to fix the Mac FakeAV variants. In fact I was just looking through the Malware removal section of GeeksToGo the other day and I saw someone posting on there asking how to get rid of the FakeAV they had on the Mac. Normally you never see any Mac users in any of the malware removal forums.

 With all the reports with one of the first larger wave of Mac FakeAVs just think what would happen as they continue to grow. If Mac FakeAVs were to become like Windows FakeAVs I hope all Mac users start adding a antivirus scanner to help prevent them. I honestly do feel that Mac FakeAVs will start becoming like Windows FakeAVs. In fact some of the Windows FakeAV creators may be behind these Mac FakeAVs.

 So everyone who uses a Mac or Windows machine, watch out for FakeAVs and do not try to pay for them.

Tuesday, May 17, 2011

Did Facebook add a Dislike buton?

 A scam has been going around Facebook saying that Facebook as enabled the dislike button. In my research it seems a large amount of people are wondering if Facebook did add a dislike button. I would like to inform everyone that the dislike button was not added and does not exist. If Facebook were to add a dislike button you would see the dislike button all over the web and hear about all it on the news.

 Once again this was another scam spreading through Facebook. Clicking on it will spread it along to all your friends. I am currently unable to find a live copy of this scam but it current it still a very popular scam at the moment.

 Some of the messages users are using to spread the warning about this scam is the following:


WARNING - BE CAREFUL. I just got one posted on my wall....
This is spreading quickly! It's a virus!!!: "Facebook now has a dislike button! Click 'Enable Dislike Button' to turn on the new feature!"
THERE IS NO DISLIKE BUTTON. DON'T CLICK ON IT!!!! REPEAT!!!Don't anyone click on the "Enable Dislike" statuses, it's a virus

Monday, May 16, 2011

Who viewed your profile scams continue to hit Facebook

 Different waves of Profile Views/Who viewed it scams continue to hit Facebook. In fact 3 of 5 of my daily top viewed articles are on Who viewed types of scams. This is not because of me advertising about them but because of the amount of people that are searching for them online. Here is a quick overview of ones I have recently found. The first message I ran into was:

 Wow, It Works Like a charm! See w
ho have viewed Your Profile! (Bad link)

 I did a quick check on the link it went to on WOT (One of the places Facebook gets its database of urls) and this was the rating that I found. I did take the time to rate it and if your a WOT member make sure you take the time to rate the bad scam sites you find red.


 The next scam I ran into was the one with the Monkey again. Although I like monkeys it seems scam writers are liking them also. Here was the new message the monkey was spreading:

 WICKED! Now you can see who views your facebook profile.. i saw my top profile stalkers and my EX is still creeping my profile every day (bad link)


 Once again the domain was not rated on WOT.


 The third message I ran into was this:


 WOAH! my profile was viewed 119 times JUST TODAY, and I can see that I have quite a few stalkers LOL! Find out yours here (bad link)


 This bad link did some short url jumping going from less known short url service to less known  short url service. It eventually led me to a site with a photo. The photo does not look bad but I don't currently got a VM up to look into it more. Again the final url was not rated at all on WOT. However I have noticed the rating are quick to update when I rank the scam sites.


 Once again your start spreading this go into your account settings and remove all suspicious apps. Then delete all the photos and statuses the app may have posted to help prevent others from clicking on it. Then finally I recommend you change your password just to stay safe. Remember no app can tell you who is looking at your profile and how often people are looking at it.

7.5 MILLION kids lie to get a Facebook

 So more then 7.5M kids lie to get on Facebook. No I did not just make that number up, that number is from a study Consumer Reports has put out. Now I can honestly see that the number is true because of all the members I have seen many underage users on Facebook before and I will be fully honest that I think its wrong for someone underage to be on Facebook.

 Now from a kids view Facebook did it just to make it unfair to all of them. However everyone must remember that the U.S has a law for internet privacy/usage for collecting data for anyone under the age of 13. I can't remember the name of the act at the moment but I think that's one of the biggest reasons why Facebook is 13+.

 Now for some sad facts. Out of the 793 people who took the poll at that article I linked to only 58% of people voted kids under 13 should not be allowed on Facebook. Then reading the comments on a majority of these articles show people saying "oh just add them as your friend and they will be fine". Sure the child may be find and responsible but it still is breaking the Facebook terms.
 
 So whats my advice, although it may be unpopular but I don't think its right to have people under 13 on Facebook. Just because others have it does not make it right. However this is just my opinion on the subject and I am sure you will see many others out on the internet.

Always download your software from the source

  Infections can happen to anyone, however some activity's have more risk it then others. One of the things that has a higher risk is downloading illegal software. Patches, Cracks, and keygens in my opinion are: A. wrong and B. more likely to be malware then other legal files. When you are looking for download a program I highly recommend you go to the site where the software is offered and download it from there.

 A lot of the time when hunting malware files the Malware files are named (program)-keygen.exe or (program)-crack.exe. Now please note those files may have some keygen ability (I don't know for sure) however a majority of them are just malware droppers. I remember when TDL3 started spreading quickly and a lot of the time the TDL3 installer files were being distributed as keygens or cracks. Also just recently I have saw some reports of keygens telling you that you must take a survey in order to get the key, and much like Facebook scams taking the survey won't get you anywhere.

  Now another reason I recommend you avoid them is because they are wrong in my opinion. Taking someones work from the internet for free is wrong. It not like we just go to the our local supermarket and grab whatever we want for free, just because its on the internet does not make it legal. This includes using torrent programs to try to download free music online. Unless they put it out online for free its not right to download others for free.

 Also remember when you install software to check for reviews on the product first. Make sure you have an updated AV program installed also to scan each of your downloads before you run them.

Saturday, May 14, 2011

PSN Update 5/14/11 - 5/15/11 SOME GOOD NEWS!

 With all the bad news that I kept posting about the PSN I think you will be glad to read this blog post. Sony has started to turn on the PSN network. All you gamers can start updating your PlayStation to be ready for the service to be turned back on. It is being rolled out in waves so hopefully the service does not go down with everyone attempting to access it

 You will have to reset your password once you try to login again. So that's all for this update, now you can go back to your PlayStation and keep waiting for it to say connected.

Profile Stalkers continues to hit Facebook hard (5/14/11)

 Yesterday I wrote about Profile Stalkers making a large wave of spam posts through Facebook. I decided to check again today to see if the scam has died down at all. Sadly the scam is still making a very large wave with a few minor changes.

  The scam app is still spreading the following message:
OMG! Its unbeliveable now you can get to know who views your facebook profile.. i can see my top profile visitors and i am so shocked that my EX is still creeping my profile every hour
 Once again this is the same message as yesterday, and again many people are still falling for it and clicking it. They are using the same icons as I talked about yesterday. The one minor difference is that that are not longer only using TinyURL but are using a mix of real domains and short url services. I took a look at one of the domains that the scam users were using and only one web shield service on URLVoid was detecting it as bad. It had not been rated on WOT but I did rate it to help it get blocked on Facebook.
 Remember to watch out for these types of scams and do not click on them. 

Friday, May 13, 2011

Can I be safe on Facebook?

 Facebook is everywhere, and by everywhere it really does seem like its everywhere. Companies are adding the share button into their applications, to their sites, replacing their comment system with facebook, using Facebook check-in to share with their friends where they are. Facebook is changing how are world communicates. You can see just by looking at the side of out blog that IGL-Security has jumped into the social networking with a Facebook page and share button. I personally think Facebook has helped us connect a lot more by allowing us to share photos instantly, and share bit of our life. However with the popularity of Facebook rising and everyone jumping into this social networking people have started asking how far is to far? It can become hard to use the internet is some places if you don't have a Facebook also. I know of a few sites that have been changing to Facebook Log-in without a way to get on with out one. That can become good and bad. For the good the site can work around what you like but the bad is if you don't have a Facebook you have to get one to sign up. So with all that said I think the main reason people are against Facebook is because they fear it is not safe. They may also think its useless. However I want to share some things about being safe on Facebook.

 First way to be safe is to adjust your privacy setting and set everything to friend only. That way some random person can't go to your profile and look at your photos, get your phone number, and find out where you live. That will really cut down the dangers of social networking. However in order for that to work you must add read friends only. Yes that may mean you don't get extra people to help you play games but it means you are safe from strangers viewing your profile. Besides how do you know those people saying add me to play game x are really who they say they are.

The next thing to remember is you don't have to fill out all your information. Its not required to post where you live, what you mobile and home numbers are, or even where you go to school. You can leave a lot of the information blank if you want to. They don't force you to enter any information.

Don't use mobile check ins, you don't have to tell anyone where you are at the moment. Also its a good idea not to post when you will be out of town. Before Facebook you did not run around town saying your going to be gone so you don't have to do it on Facebook.

 Finally remember that once its on the internet it does not just go away. So use common sense about what you post online just as you would in person.

Profile Stalkers making a large wave through Facebook

 Although Facebook has just recently announced they are taking steps to help prevent the scam/spam apps it does not mean these steps will stop them. That is clear because another huge wave of scam apps are going through Facebook right now.

 The scam app is now using the following message, and like always its just a variant of a message that has been used before:

 OMG! Its unbeliveable now you can get to know who views your facebook profile.. i can see my top profile visitors and i am so shocked that my EX is still creeping my profile every hour.

 It then comes with a link, and the links photo is either a photo of a monkey with binoculars, or a photo of a green button that says click me. The click me button seems to really be getting peoples attention because a lot of people are clicking it and the list of people clicking it is going up every few seconds.

 The scam app is spreading through TinyUrl shortened links. I don't see an app name at the moment so watch out for that. If you start posting this make sure you go into your account setting and remove any apps that look suspicious, remove any posts and photos it may have made, and change your passwords just to be safe. Remember that no app can tell you who is viewing your profile, and finally watch out for big buttons that say click me.  

PSN News Roundup 5-13-2011

 Its time for another news roundup about the PSN. Once again I am sorry to inform you I don't have a date that the PSN will be back on. However Sony has said it will be back on in a few days.

 First up Sony has sent out a letters to their partners according to Industry  gamers. Not much new information is provided. It just is a little review of whats been going on at Sony and what steps are being taken. No report of wen the service is going to be back on. Hopefully as they work on getting PSN ready to be launched again that they are going to be ready for the huge rush of people trying to log in at once.

 Another report coming from CNET is saying some places are reporting a large amount of PS3 trade ins. No one will come out and confirm this study taken yet but it sounds like something people that are a huge fan of online gaming would do.

  On the bright said maybe its a good idea they did not launch it again today :P

Is a Firewall Needed?

 Another question that is debated a lot is "Is a firewall necessary". In fact a quick web search leads to many different opinions. So I thought I would share a bit on my opinion on if I think a Firewall is needed or not.

 I think a simple way to put it is yes and no. I personally believe a Firewall is a good idea, but I also don't think you have to go and install one. One thing many people don't pay attention to is that Windows has a built in firewall, clearly named Windows Firewall. Windows Firewall provides pretty good in-bound protection and a little out-bound protection. Now some of you who know me may remember that I have said I am not a huge fan of Windows Firewall because it had caused me a few issues (blocking games from connecting due to a slow showing alert) but for everyday use Windows Firewall stays out of my way and does a good job. In fact on my family machines they barely notice that its there and the only time they have had to edit it is when they were attempting to allow networked computers to print).

 Another thing to remember is your network router most likely already has a firewall built in. The router firewall will block attacks before it even gets to your Windows machine. Plus it will help stealth your machine to hackers. The great part about these built in Firewalls you don't have to answer any questions. However the one weakness is they won't really provide outbound protection because they can't just popup and notify you.

 So as tech advances you should be well protected with random net attacks. I can not remember the last time I plugged in my computer directly into the net, plus I can not remember the last time I saw a Windows XP Sp1 machine. However there are some times when I will recommend you make sure your Firewall programs are running well, and if you want install another firewall to view connections. Finally here are a few tips:

 1. If you travel a lot and use public wifi connections. Public Wifi connections are sometimes not setup securely. If you have a Windows 7 machine and attempt to connect to a public wifi spot make sure you set your connection to untrusted when Windows asks you. If you are on an older version of Windows make sure you Windows Firewall is set at untrusted network connection so every machine and the network can not access your machine.

  2. Set a password on your home connection, don't let the whole community join your network and get access to your printer, your photos, you share music, and any other files you have shared though your network.

  3. This is one of the most important, use a firewall and make sure you are comfortable with it. If you feel better using Windows Firewall use it and make sure its on. If you prefer something else try something else. You have a lot of choices of Firewalls out there. ZoneAlarm has always been a pretty popular firewall for a lot of users, I also really liked PrivateFirewall last time I used it. Just make sure you like what you are using.

A Thank you to Facebook Security

 Facebook has announced some new security features which you may have heard about, I would have blogged about this sooner but Blogger has been down. You can see Facebooks post about the new features here on the Facebook blog.

 First up they have partnered with Web of Trust to greatly improve the URl filtering they use. I think Web of Trust is a great way to look up website reputation and WOT does get bad links from a few different sources other then just the community. I think this is a great step forward to help prevent the posting of spam/scam/malware urls and should help cut the amount down.

 Click-Jacking protection has also been added. Click-Jacking has been a popular way for scam/spam apps to spread so its good to hear that steps are being taken to help prevent this type of spreading.

Self-XSS protection has also been added. Self-XSS has been coming up a lot more recently. You most likely know Self-XSS and the type of apps that ask you to copy and past some Javascript into your address bar to get some fake results. That has been happening more and more recently so its good protection for that has been added.

 Finally login approvals have been added. Which means if you try to login from a new device you can get a text to your phone with a mobile code to verify you are you. This is good for everyone has who a mobile phone and texting but those that do not can not use it.

 I am glad to see Facebook adding a lot of new security features, yes the scam/spam writers are going to try to work around it but prevent is always better then curing. We shall see how this works out in the following weeks.

Wednesday, May 11, 2011

PSN Update 5/11/11

  Its now time for another PSN update. I know y'all clicked on this wanting to see the date it will be back on but I am sorry to tell you I don't have the date and Sony announced its going to be a few more days.

  First up Sony has released a new blog post saying it goings to take a few more days to get the service back online. You can see Sony's latest blog post on their Playstation blog. Looking at the comments people are growing tired of waiting for Sony to relaunch the service. No other information was provided other then that small update. People are starting to wonder how large a update it taking place for the PSN network.

  The next news is saying Anonymous as a group did not hack the Sony servers but some members of the group may have acted out from the group and hacked the servers. This report has came from CNET and you can read that report here on the CNET blog. Now for some good news (also coming from the CNET blog) is that Sony seemed to shut down the servers that the hackers still had access to and stopped the plan attack. So with all the bad news coming out about the Sony PSN and Sony Online services its good Sony was able to prevent a 3rd large attack.

Tuesday, May 10, 2011

The more security programs = less secure

 If you read my blog a lot you will remember that a few days ago I wrote about Windows Defender. Now I knew writing it that some people would like the article some would dislike. While going through the comments my friend/fellow Panda Cloud forum Mod Shadowman brought up the "usability factor". Now I figured instead of replying to the comment I should just write a whole blog post to everyone can gain some knowledge.

 I think the best way to talk about this is to compare it to something I think all of us are familiar with, and the item that came to mind was a jacket. One jacket can keep you warm, easy to take on and off, and does not make you too hot or too cold. However wearing to many jackets will make you get too hot and make you struggle to take the jacket off. This goes the same way with computer security, having to much security software running at the same time can over-heat your computer. It can cause the software to struggle as it fights the other security software to remove the malware. Just as to little security software is bad to much security software is also bad.

 This to little to much line is normally called the usability factor. It is different for every person and every machine. Some users can make it by on very few security programs while others prefer to run 20 different security programs. However it is important to remember to still be able to use your machine. It should not be all work and no fun, remember to enjoy your time on the computer. You should not have to answer 20 alerts just to get to a websites.

 Another thing to remember is running more security programs does not make you more secure. The security programs will start to fight each other to remove the malware. In the end this will cause you to have less security then you would have had with one program. Also a few times I have noticed security programs detecting each other causing one security program to stop working and causing heavy CPU usage.

 So it is bad to use more then one security program? No, especially if its built to work with other security programs. However be careful not to run to many security programs for running to many can do more harm then good. Finally, remember to enjoy using your computer and not just work on securing it 24/7 

Free Subway Scam on Facebook

 Another "free item" scam, this time telling everyone Subway is giving stuff out for free. The scam starts by posting a message that says "I love Subway". It then links to a site titled hxxp://freegiftcardson.us (Do not go to this site) which will ask you to take a survey. The survey will give away person information to advertisers and attempt to get you to sign up for un-needed services.

 Remember if it seems to good to be free it most likely is to good to be true. If you see this on your social feed do not click on it and inform your friend that posted it that it is a scam. If you posted it make sure you delete it so no one else clicks on it. If this was a real offer you would most likely see many news site pickup on the news anf inform you.

Hours on Twitter scam hitting Twitter again

 The hours on twitter scam is back and hitting twitter again. Once again it is using a similar message. Here is the current message I have spotted:

 (trending topic) > I have spent: (random number) hours on Twitter! See how much you have: (bad url) The bad twitter app does not really have a name and just says its coming in through the Twitter API.


 The latest twitter scams seem to be posting a few of the currently trending topics in the message so the tweet gets more views. This has been becoming more and more common with twitter due to the fact its simple to access the "trending topics data"


 Another interesting fact is that according to some online scanners the site this scam is linking to is hosting some exploits. According to the online scan from Norton Safe (you can see it here) a few Drive by downloads exist on the site. That shows fake social apps can lead to getting your pc infected.


 If your twitter account starts spreading this go into your settings and remove any suspicious looking apps that have access to your site. Then delete all the tweets it posted so no one else clicks on it.

Monday, May 9, 2011

Daily Social Scam Report (5-9-2011)

 Here is a roundup of the social scams I have found today

 This who viewed your profile scam it still hitting Facebook pretty hard with the following message:
WOW I cant believe that you can see who is viewing your profile!I just saw my top 10 profile peekers and I am SHOCKED from who is viewing my profile!You can also see WHO VIEWED YOUR PROFILE here: 
 The app name for that scam is hdgfjfh so watch out for links posted from that app. If you see any make sure you go into your app settings and remove that app, delete and all the posts, remove all the photos, and change your password to help get it off Facebook.

 The twitter bots seem to have been active on twitter a lot recently. Every once in a while I have been getting tweets from them advertising random services and trying to send me to spam sites. Watch out for these bots that send you messages at random times. I highly recommend you delete them if they start to follow you and ignore random tweets you get linking you to a site.

IGL-Security as Tumblr share button

 Now I have seen Tumblt links around every once in a while (but never used it) but since the big news today has been Tumblr has added a share button I figured today would be the best day to release a Tumblr button. So now my IGL-Security reader feel free to share the IGL-Security blog on Tumblr. So enjoy everyone and I hope you like it. Also if you have any suggestions for widgets feel free to post a comment with your suggestion.

Watch out what you click on Yahoo! Answers

 Yahoo Answers is a great place to look to when you want to get a real person to answer your question. However malware writers have been taking advantage with that by attempting to link answer seekers to a site that leads to a fakeav. This has first been reported by Paretologic Malware blog. I decided to take a look and see what I could find and here are the results of my analysis.

 First up I did a Y!Search on the Yahoo!Answers site for the link that was posted on the Paretologic blog. First up was some good news. Yahoo! Answer users are being cautious about the site and asking on Yahoo! answers if the site is good or bad. Some example of that can be found here and here (on the good site each of the questions gt the good recommendation of not going to the site). This is great that the community it taking action and down voting the questions that have a link to that so they are not shown. Now for a little bad news, only 13 of the 42 Antivirus engines on VirusTotal detect the file that is being linked to. That goes to show why you should not put all your trust it one product (this is something I will be blogging about more soon).

 So Yahoo Answer users watch out for links like this. If you see any make sure you do not click them and warn everyone not to click on links like it.

Saturday, May 7, 2011

Sony Data leaked again?

 Reuters is reporting another data-loss coming from Sony. This time is it being said that it was information from a 2001 Sony Sweepstakes. Gladly this time the hack did not involve Social Security Numbers, Credit Card numbers, or passwords, have a data loss is still a data loss.

 Now according to the article this was all older data, which does make me wonder how much of the data was still accurate. It also leads to the question where did the 2001 database come from. This hack also brings up a few other good points. First is that even though you have not used a service lately does not mean later on you may be part of their data loss. I am sure people in 2001were not think "oh in 2011 I may get my data lossed so I will not enter this contest. The next important thing is for companies, have a team working on keep your data secure. This even shows what can happen, so its always a good idea to have prevention steps in place to keep data loss from happening. Finally it goes to show something both users and companies should do, keep their software updated to the latest version. Outdated versions lead to vulnerability that can cause data-loss for companies and malware attacks for the everyday user. So please keep your software up to date to help keep malware infections from coming and data loss down.

FakeAV's hitting users searching for Mothers Day Stuff

  Tomorrow is Mothers Day so many people right now are searching up Mothers Day related terms. However Malware Writers are not taking the day off and are busy hacking/seoing sites up to the top result, and no they are not doing this to be kind to you but these sites lead to a FakeAV to infect your machine. Once again these sites are infecting Macs and Windows based machines, so using your Mac will not make you immune to any threats you may run into. You may also run into them while doing an Image search, FakeAV's coming through Image searches seems to have really picked up recently.

I highly recommend you take some protective steps to stay safe while searching for Mothers Day terms. First make sure your AV is updated to the latest version and has the latest malware database updates. If you do not have an AV or have an outdated AV because you don't have money to pay I recommend Panda Cloud Antivirus because its free and has a good detection rate. Next I recommend making sure your internet browser is updated to the latest version. I recommend looking into apps like Web of Trust to check site ratings because you click on them. Finally I recommend using a secure DNS service. This DNS service will blog sites before they even load so the sites don't even have a chance to load a FakeAV. I personally like ClearCloud it is free and has worked pretty well for me.

Friday, May 6, 2011

Watch out for malware on your next image search

 Malware writers have a large attack wave of FakeAV's comming through Google Image Search at the moment. It seems a large amount of sites that normally have front page ranking have been hacked by code injection so when the user searchs for a normal topic the FakeAV image will be the top ranking results. Some reports have said that this attack is mainly focused on WordPress sites so if you run a Wordpress blog make sure you update it with the latest patches so you are not out of date.

 One important thing to remember is to not click the x button. The x button is normally taken over by a download button so even if you hit x it will still try to get you to download the file. Instead hit ctrl-alt-delet and stop your internet browser client. That way you will prevent the FakeAV from installing on your machine. Its also a good idea to install a webfilter to protect you as your are online so the hacked sites don't load as you are searching.

Also its a god idea to take some time and make sure all the programs you have on your machine are updated to the latest version. If the hacked sites are moved over to exploits its a good idea you are prepared with the latest updates of all your software.

Sony PSN update 5/6/2011 and 5/7/2011 (Updated)

 It now time for the next update on Sony's PSN. Just yesterday Sony announced that their global network and security teams were in the final testing of the new PSN system. They announced this news on the PlayStation blog yesterday. So all you PSN users who are wanting to play some PSN it seems it shall be back online soon.

 The other two stories going around about Sony's PSN are not the best news you want to hear. First is that CNET is that they have heard that a Third Attack is planned against Sony. Nothing has been confirmed about this but as long as you keep you eye out for news about this you will most likely hear something quickly when it happens. An interesting point made is that some of the hackers are "claiming" they have access to the Sony Servers already. I do not know if they do or not but I guess Sony is looking into it at this very moment.

 The next question that has been raised recently is did Sony know about any possible software that could be out of date? Now I have not heard anyone confirm that some of the software was out of date but that does raise an important question.

 Update: Sony has just posted another blog post on the PSN hack. They have said they were planning on getting the PSN back online in a week however due to the attack on the SOE servers they are taking some extra time to test the servers security.

Thursday, May 5, 2011

LastPass "may" have been hacked

 The LastPass Password Manager Software Team has issued a warning that the LastPass database may have been hacked. The LastPass team noticed a large amount of traffic leaving the server and could not find out the root cause of the large traffic surge. LastPass is a pretty popular password manager. You can read the LastPass blog post on it here: LastPast Blog Post

  One thing I would like to say is I am glad the LastPass team is quickly taking action on this. Unlike some companies that wait to confirm the hack before they take action the LastPass team acted and are forcing everyone to change their master password. With the recent data-losses (Sony PSN, SOE) I highly recommend people keep working on making strong passwords. Also make sure you inform any friends you have using LastPass about changing their password.

Wednesday, May 4, 2011

More Data Loss

 Another data-loss from Sony, as you may have heard that the Sony PSN was hacked but this data-loss was from Sony Online Entertainment. SOE has 10+ MMOs currently online. A data base was stolen from 2007 which has about 12,700 non-US customer credit or debit card numbers and expiration dates according to Sony. Sony has also said is had about 10,700 direct debit records listing bank account numbers from customers in Germany, Austria, Netherlands and Spain. Personal information was stolen for about 24.6 Million accounts with the following data:

  • name
  • address
  • e-mail address
  • birthdate
  • gender
  • phone number
  • login name
  • hashed password. 
 Once again if you used your SOE password at another site I highly recommend you change all the sites that use that password.You can read the SOE press release here: Press Release


Tuesday, May 3, 2011

A nice mix of Who viewed your profile scams

 At the moment a nice mix of Who viewed your Facebook profile scams are hitting Faebook. Here are some of the example messages that I have been seeing:

 WOW I cant believe that you can see who is viewing your profile!I just saw my top 10 profile peekers and I am SHOCKED from who is viewing my profile!You can also see WHO VIEWED YOUR PROFILE here: (bad link)

 looks like (x amount) people visited my profile, says this page lol. are you stalking my page or something? lol jk (bad link)

WOW I cant believe that you can see who is viewing your profile! I am SHOCKED for those who viewed my profile!You can also see WHO VIEWED YOUR PROFILE here (bad link) this is great!! this is the latest new application of Facebook.
My Top Profile Viewers: 
(random friend) - (random number of views)
See your here: (Bad Facebook Page)

So as you can see these who viewed your profile scams are hitting Facebook hard at the moment, then again they have been doing that a lot recently. Please stay away from these fake apps they are saying they can tell you who is viewing your profile. If you click on one go into your settings and delete the app from your permitted apps, then delete all the posts it made, and then finally change your password to stay on the safe side. Make sure you become a fan of our Facebook page to get the latest news in your newsfeed
An original article from IGL-Security

 

Osama Bin Laden Execution video scam hitting Facebook

 With the news of Osama Bin Laden being dead a huge amount of Osama released scams have been hitting Facebook. While going through my friends list today I only noticed one, so watch out for variants of this message:

 About time they let us see this video (bad link)

 Once again I highly recommend you do not click on any links with messages like that. You would then be taken to a page titled "Osama Bin Laden Execution Video" which will then attempt to get you to post this on your friends page. I recommend avoiding pages like this and if you have already clicked on one delete all the posts that you made on your page and posts you may have made on friends wall. That will help cut down the large rush of people click on it. I also recommend changing your password just to be on the safe side.

Monday, May 2, 2011

Should I keep Windows Defender?

Note: This is a opinion article, this article is all based on my personal thoughts on the products and not by any facts. You are free to make your own opinion on Windows Defender and its use.

 Since the release of Windows Vista all Windows Operating Systems have came with a basic anti-spyware program known as Windows Defender. However due to Windows Defender not providing Anti-Virus protection, the question was asked "Should I keep Windows Defender?" and they question is still highly debated today in different computer security forums.

 I personally think to answer this question you first need to know a little more about it. A large amount of the time people compare Windows Defender to products such as Malwarebytes Anti-Malware and SuperAntispyware, however I don't think they should be compared. I personally don't think they were made to be used the same way. SAS/MBAM are updated a couple of times a day while Windows Defender is only updated a few time a week through Windows Update. I don't think Windows Defender goal is to keep you safe from every new threat coming out, but to keep you safe from Adware, bots, some rootkits, and to give you a warning sign when you are infected. What do I mean by warning signs, sometimes a normal every day user does not know if they are infected or not and goes by when their av product alerts them of something. Every once in a while I see someone get infected by a bot and the only sign they have they are infected is a Windows Defender alert, the user then knows they are infected and heads to one of the malware removal sites to get helped out. Although Windows Defender may not be one of the quickest to detect something its better then nothing.

Windows Defender also does have some other cool features (in some versions) that seem to have worked good. Windows Defender contained a "light hips" that would block some programs on boot if it detected it to be suspicious. That always seemed to work OK on some types of threats. Another feature that worked nice with SpyNet. SpyNet is a Microsoft service used to collect data on possible malware files behavior. Since so many computers use Windows Defender that data collected can help when it comes to malware removal tools such as MRT. Microsofts MRT monthly update helps remove many common infections each month when users update there machines. Also on the Windows Vista/XP version Windows Defender contains a startup explorer letting you see what loads with your computer with an easy to use UI.

 So is Windows Defender Worthless? In my opinion no, its still updated a few times a week and has blocked infections on users machine. The product still gets engine updates when Microsoft updates Microsoft Security Essentials. However i still recommend running an AV because Windows Defender should not be your only product. I recommend Panda Cloud Antivirus to use as an AV.

 Also make sure you keep up with our blog to stay up to date on the latest computer security news.

Think your safe reading news on your mac? Think again...

 Note: I figured it would just be best to put these two topics on one since both involve each other.

   As most of you have most likely head last night the President called a meeting to inform everyone that Osama Bin Laden is now dead. When people started to hear about this most of them went online looking for proof and other news about his death. This is one of the times malware writers start attempting to do SEO to get you click on their site. Be on the lookout for exploit sites saying they got more Osama Bin Laden news, try to stick to trust-worthy sites which are more well known.

  The next warning is to watch out for Facebook scams that will try to spreading using this event. Try to not click on apps about the event because a good amount of them will most likely be spam/scam apps. Its always better to stay safe then risk getting your Facebook amount in the middle of a spam/scam wave.

  Finally here is a message to the Mac Owners, watch out for the new MacDefender FakeAV that is spreading on Mac Machines recently. Just like Windows FakeAV programs, MacDefender says it has found malware on your machine and you need to remove it. It shows popups saying your infected just like Windows FakeAV programs do, and attempts to get your cash by asking that you buy the program (just like Windows FakeAV programs do). So all Mac users out there watch out for this scam, and remember as I have said before Mac machines are not immune to malware.